Problem/Motivation
sms_user automatically authenticates a user based on the incoming recipient's number and switches the current user to that user. If the authentication fails it does not switch user, but it also gives no warning. This is inconsistent behaviour, not very secure, and it makes assumptions about what other modules are doing (some modules may not want to switch user on an incoming SMS).
Proposed resolution
1. Add a setting that allows users to opt-out (or rather opt-in) to automatic user switching.
2. Consider removing also the automatic registration of a number which was not authenticated (could be a security issue too).
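A defensive shape for the incoming hook that implements resolution 1, as an added example that is not the sms_user module's own code: switching is gated on an opt-in setting that defaults to off, only a confirmed number can trigger it, and a failed match is logged instead of silently ignored. The setting name `sms_user_switch_user_on_incoming`, the `SMS_USER_CONFIRMED` status and the `sms_user_get_uid($number, $status)` signature are assumptions.

```php
<?php
/**
 * Implements hook_sms_incoming().
 *
 * Example only (not the sms_user module's own implementation). Assumes a
 * boolean setting 'sms_user_switch_user_on_incoming' read via variable_get()
 * and a helper sms_user_get_uid($number, $status) that returns the uid owning
 * a number in the given confirmation status; both names are assumptions.
 */
function mymodule_sms_incoming($op, $number, $message, $options = array()) {
  if ($op != 'pre process') {
    return;
  }

  // Opt-in: with the default (FALSE) nothing happens, so modules that do
  // not expect the current user to change are unaffected.
  if (!variable_get('sms_user_switch_user_on_incoming', FALSE)) {
    return;
  }

  // Only a confirmed number may select an account. A pending or unknown
  // number must never cause a switch, and the refusal is logged so the
  // failure is visible to the site administrator.
  $uid = sms_user_get_uid($number, SMS_USER_CONFIRMED);
  if (empty($uid)) {
    watchdog('sms_user', 'Incoming SMS from unconfirmed number %number; current user not switched.',
      array('%number' => $number), WATCHDOG_WARNING);
    return;
  }

  $account = user_load($uid);
  if (!$account || !$account->status) {
    watchdog('sms_user', 'Incoming SMS for missing or blocked account uid %uid; current user not switched.',
      array('%uid' => $uid), WATCHDOG_WARNING);
    return;
  }

  // Switch only for the remainder of this request; this is not a login and
  // no session is created for the account.
  global $user;
  $user = $account;
  watchdog('sms_user', 'Switched current user to uid %uid for incoming SMS processing.',
    array('%uid' => $uid), WATCHDOG_NOTICE);
}
```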
Remaining tasks
Discuss
Patch
Reviews
Commit
User interface changes
Added a setting to the /admin/smsframework/sms_user_options page to allow opt-in to automatic user switching.
API changes
sms_user_sms_incoming() will no longer switch to authenticated users. May affect some modules that depended on that behaviour.
Comment | File | Size | Author
---|---|---|---
#2 | 2401699-2.patch | 5.47 KB | almaudoh
Comments
Comment #1
almaudoh commented: This should not block the stable release.
Comment #2
almaudoh commented: Ok, here's a patch that adds a setting to the SMS User Options to allow a user to turn on that behavior if needed. The default setting is off. This should address any exposures.
This behavior also has a switch already. So leaving as is.
Comment #3
almaudoh commented: Updated the issue summary.
Comment #5
almaudoh commented: Committed / pushed to 7.x-1.x